jcw@wdl1.UUCP (John C Williams) (06/30/87)
We herewith report a bug and its fix in gnuemacs (versions 18, 17, and
probably others + or -).
The problem is in the permissions assigned to the auto-saved version of
a file being edited. These permissions ought not to be more than those on
the file itself. Currently, however, the permissions will be the logical
AND of 0666 and one's default permissions, as defined by one's u-mask.
Thus, if one is editing FILE with permissions -rw-------, and one's default
permissions are -rw-r--r--, then #FILE# will have permissions -rw-r--r--.
One can, of course, redirect #FILE# into a directory with permissions that
disallow Group and Other from search, but one shouldn't have to do this.
Our solution is to change the auto_save_1 module in fileio.c .
Old version:
Lisp_Object
auto_save_1 ()
{
return
Fwrite_region (Qnil, Qnil,
bf_cur->auto_save_file_name,
Qnil, Qlambda);
}
New version:
Lisp_Object
auto_save_1 ()
{
unsigned char *fn;
int fd;
fn = XSTRING(bf_cur->auto_save_file_name) -> data;
fd = creat(fn, 0600);
close (fd);
return
Fwrite_region (Qnil, Qnil,
bf_cur->auto_save_file_name,
Qnil, Qlambda);
}
We make the changes here rather than in write-region because write-region is
called from other parts of gnuemacs. The result is that when creat is called
from write-region, the file into which the auto-save will be done already
exists with the restricted permissions.
We have been using gnuemacs (version 18) with this fix and have experienced
no problems as a consequence. (This is not to be construed as any guarantee
whatsoever.)
Sincerely,
John C. Williams
jcw@ford-wdl1.arpa
George W. Dinolt
Christopher L. Tucci